Overview of Project Focuses 

• Develop methods and select tools for reliability 
assessment of adaptive flight control systems 

• Develop methods for modeling the controlled 
flight system recovery process and evaluating 
the likelihood of success 

• Develop integrated adaptive control synthesis 
methods based on reliability criteria 
Reliability Analysis 

• Role of reliability analysis in AvSP 

- Identify and quantify the needs for aviation safety 
enhancement 

- Specify the safety goals and measures 

- Set an all encompassing criterion and guidelines for 
integrated system designs 

- Provide tools for validation and verification of modified 
and new designs aimed at reliability enhancement 

- Bottom line 

> Establish measures through scientific means that are convincing to 
ourselves and others on what needs to be and has been 
accomplished 
Reliability Analysis 

Contributions 

- Surveyed reliability assessment tools and selected 
candidate tools to be used for AvSP 

> Software tools: http://www.enre.umd.edu/tool.htm 

> Rationale for the selection of SURE & ASSIST (summer’99 report) 

♦ Handle complex reconfiguration strategies with simple reliability 
models (no reason for complex models due to lack of data) 

♦ Provide accuracy for disparate failure and recovery rates 

♦ Have flexibility to allow incorporation of decision risk factors 

♦ Require a thorough understanding of failure and recovery processes 

> Possible improvement: more user friendly interface 

♦ Suggest that AvSP support such an endeavor if Ricky is willing 
(SURE is of very high quality and unique work) 
Reliability Analysis 

Contributions (cont’d) 

> Systems to which SURE & ASSIST are applied 

♦ A flight control system (to appear ACC’02) 

» Sensitivity analysis w.r.t. hazard rate, redundancy level, coverage, removal 
rate using SURE 

♦ An industrial process 

> Lessons learnt 

♦ Functional redundancy can greatly enhance system reliability 

♦ But the benefit can be severely compromised by inadequate coverage 

♦ Adequate coverage: 1-coverage hazard rate 

> Some recommendations 

♦ Some hardware redundancy can be reduced 

♦ A focused effort to enhance coverage is needed 
Reliability Analysis 

Contributions (cont’d) 

- Incorporated decision risk factors brought in by added 
safety enhancement features through the notion of coverage 

> Characteristics of coverage 

♦ Often dominating the overall system reliability 

♦ Difficult to model 

♦ Highly scenario dependent 

♦ Highly time dependent 

> An example of coverage estimate: ACC’00 paper 

> Propose similar criteria set for all new designs and new systems 
aimed at safety enhancement 
Reliability Analysis 

• Contributions (cont’d) 

- Exploited conditions peculiar to AvSP applications 
and derived a number of bounding relations that 
provide insight and simplifications to reliability 
analysis 

- Examples of results 

♦ : hazard rate of a subsystem (10^-6 ~ 10^-4 hour^-1) 

♦ : maximum MTTR of a faulty subsystem (HH-HH hour) 
♦T: mission time (H^-IO 1 hour) 

♦ k-out-of-n: k operational out of n parallel configuration 
♦ c_0: coverage of the first failure (0.9-0.999999) 

>P n T(l-c 0 ) if n T<<1, and 

(n. n [a T) n i ] [g rf a *ni 

c ° n T ( 1 n T/2) 

> MTTR can be ignored if (l-c 0 )» n 
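
The lessons stated earlier (redundancy helps, but inadequate coverage can cancel the benefit) and the small-rate bound in the results above can be checked numerically. The following is an added example, not part of the original slides: it assumes n identical parallel units with constant hazard rate `lam`, no repair, and coverage `c0` applied only to the first failure; the function names and the sample values (picked inside the ranges listed above) are constructed for illustration.

```python
import math

def p_fail(n, lam, T, c0):
    """Probability that a 1-out-of-n parallel system has failed by time T.

    Assumptions of this example: n identical units, constant hazard rate lam
    (per hour), no repair, and only the first failure can be uncovered.
    The system is lost if the first failure is uncovered (probability 1 - c0)
    or, when it is covered, if all n units have failed by T.
    """
    p_first = -math.expm1(-n * lam * T)    # P(at least one unit failed by T)
    p_all = (-math.expm1(-lam * T)) ** n   # P(every unit failed by T)
    return (1.0 - c0) * p_first + c0 * p_all

def p_fail_first_order(n, lam, T, c0):
    """First-order uncovered-failure term n*lam*T*(1 - c0), for n*lam*T << 1."""
    return n * lam * T * (1.0 - c0)

def required_coverage(n, lam, T, target):
    """Smallest c0 for which p_fail <= target, or None if unreachable."""
    p_first = -math.expm1(-n * lam * T)
    p_all = (-math.expm1(-lam * T)) ** n
    if p_all > target:       # even perfect coverage misses the target
        return None
    if p_first <= target:    # target is met with no coverage at all
        return 0.0
    return (p_first - target) / (p_first - p_all)

if __name__ == "__main__":
    LAM, T = 1e-4, 10.0      # constructed sample values: per hour, hours
    for c0 in (0.9, 0.999, 0.999999):
        row = "  ".join(f"n={n}: {p_fail(n, LAM, T, c0):.3e}" for n in (1, 2, 3))
        print(f"c0={c0}:  {row}")
    print("duplex coverage needed for 1e-5:", required_coverage(2, LAM, T, 1e-5))
```

With these sample values, c0 = 0.9 makes the triplex system less reliable than the duplex one, because each added unit raises the rate at which an uncovered first failure can occur.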
Reliability Analysis 

Contributions (cont’d) 

- A preliminary study on economic considerations 

> Suggest that AvSP support the development and test of the study 

> Propose to develop cost analysis for need-based maintenance 

[Figure: Acquisition-Labor-Parts Cost vs. Redundancy level] 



Reliability Analysis 

Contributions (cont’d) 

- Investigated applicability of UNIPASS in AvSP 

(summer’d report) 

> Failure probability analysis for components (known LSF & JPDF) 

♦ Good prediction when component LSFs have small uncertainties 

♦ Help dynamic reliability modeling through covariate methods 

♦ Provide useful information for feedback control (Sean Kenny) 

> Identify needs and the potential for component reliability 
enhancement 

♦ Sensitivity analysis 

> Difficulties 

♦ Joint probability distribution model for components 
♦ Randomized limit state treatment 
Reliability Analysis 


Contributions (cont’d) 

- UNIPASS v.s. SURE 


SURE 



Failure can occur at any variable value 
with a certain probability. Uncertainty 
is with the time of occurrence. 


dynamic 


statistical 


Failure 

process 
Failure occurs when a variable 
resides in a pre-defined domain. 
Uncertainty is with where the 
variable lies. 





Reliability Analysis 


• Challenges 

- Test data crucial to reliability study but sensitive from 
market-competition & liability viewpoints are difficult to 
obtain, while accident data alone are not sufficient 
(propose to partially mitigate data deficiency through 
control) 

- New reliability measure/assessment tools that can provide 
more accurate information under less stringent data 
requirements are yet to be defined/developed (propose to 
use imprecise probabilities) 

- Lack of existing tools for fault coverage modeling and 
decision risk assessment for aviation safety (a solution 
obtained, but not yet tested on a real system) 
Design for Reliability 

Design issues 

- Make use of existing redundancy 

> Secondary functions 

> Projections 

> Virtual variables 

- Ongoing effort 

> Diagnosis and monitoring 

> Fault tolerant control 

- Recent effort 

> Reliability allocation 
Design for Reliability 


Contributions 

- System monitoring and diagnosis 

> Developed an adaptive parameter estimation algorithm that has 
been tested on a nonlinear vehicle model for identification of 
additive, multiplicative, and incipient faults (IJACSP, 2000) 

> Proposed a pulse compression method for system monitoring (ACC, 2001) 

> Introduced diagnostic resolution as a measure for the performance 
of diagnostic systems, through which a functional relation to system 
reliability is established (USS, 2000) 

> Defined a redundancy measure that quantifies the extent the 
redundancy can be utilized for failure recovery through feedback 
control (Automatica, 2000) 
Design for Reliability 


Contributions (cont’d) 

- Fault tolerant control 

> A proof of concept fault-tolerant control was performed using a linear 
parameter varying model scheduled with respect to fault effects and a 
polytopic control method (DASC, 2000) 

> A multiple channel configuration using a decentralized adaptive control 
approach to fault tolerance was proposed and an initial design was 
attempted on the 6 DOF nonlinear aircraft model (SafeProcess, 2000) 

> A quantitative relation was established between the control performance 
and the overall system reliability through fault coverage (LJSS, 2000) 

> Concepts of dynamic coverage, crucial for on-line decision making, and 
static coverage, crucial for reliability assessment and for specifying 
subsystem performance, were introduced (CDC, 2001) 
Design for Reliability 


Contributions 


- Definition of coverage 

C v . f( )d , 

i 


\JUj( ) J min 


- Some recent results (CDC, 2001) 

> A more robust control law results in a higher coverage 

> A higher resolution diagnostic scheme results in a higher coverage 

> A less stringent control performance requirement results in a higher 
coverage 


- A proof of concept design for HIMAT 
under the max coverage criterion 
> Propose to perform an evaluation 
for the NASA B757 
[Figure: Cumulative incremental cost at T] 


Design for Reliability 

• Reliability allocation 

- Problem formulation 

max Rsytfbm / new ( R] Rj , R 2 R 2 > >H n ) ^required 

f old (Rj,R 2 , -,R n ) R^t em where 0 /?, R t 1, i 1,2, ,#t 

subject to 

Cj( Rj ) C 2 ( R2 ) C n ( H n ) ^ max 

[Figure labels: Flight critical processors; I/O control modules; Pilot command sensors; Aircraft state sensors; Lateral directional effectors; Longitudinal effectors] 
Design for Reliability 

- Solution to reliability allocation via constrained optimization 

> n subsystems 

> nil configurations for subsystem i 

> R_ij(T): reliability of the j-th configuration of the i-th subsystem at T 

> (T): T-equivalent hazard rate of the j-th configuration of the i-th 

subsystem „ R . , T , t' 










Design for Reliability 

Some thoughts on future research (cont’d) 

- All reported results should be tested on a realistic test-bed 
or a realistic set of aircraft data selected for AvSP for 
verification and demonstration of methods 

- Reliability analysis based on imprecise probability 

> Needs 

♦ lack of sufficient statistics 

♦ lack of precision and consistency in expert opinion 

♦ large uncertainty in pilots’ decisions 

> Issues 

♦ uncertainty description, arithmetic, measure, and principles 

♦ rule of combination 

♦ robustness 
Design for Reliability 

Some thoughts on future research (cont’d) 

- Global control reconfigurability for non-analytic models 

> Control reconfigurability? 

♦ Ability of vehicle to allow restoration of stability through feedback control 

> Needs 

♦ Reveal potentiality and limitation of feedback control, system condition 
criticality, subsystem dependency, ... , so that vehicle recoverability can be fully 
exploited and loss of vehicle control can be prevented 

> Feasibility 

♦ Low fidelity and incomplete data can allow assessment of reconfigurability 

> Issues 

♦ Locality (domain expansion) 

♦ Singularity (gap-metric based approximation) 

♦ Directionality (mode specific reconfigurability) 

♦ Computability (convex optimization) 

- New adaptive control strategies 

(initial work submitted to GNC’02 in collaboration with Shin and Belcastro) 